| Android has become the most common used smart phone operating system in the world, and it uses the SSL protocol to protect the data communication. But many Android APP lications are vulnerable to Man-in-the-Middle (MITM) attacks, since the lack of visual secu-rity indicators for SSL usage and the inadequate use of SSL. In terms of mobile device, the paper studies SSLStrip for Android, and based on this, proposes a strategy to defense against SSLStrip attacks.This paper analyses the attack process and basic principle of SSLStrip for Android, studies how to attack on SSL with ARP spoofing, and then proposes a strategy which is directed against ARP spoofing. Also, the paper analyses and designs both server and client sides of the strategy in details, verifies the effectiveness of the strategy and realizes the functions of client side.The strategy need to ensure that the IP address and MAC address of router are reliable, so the paper extends the function of DHCP server, sends the IP address and MAC address of router to DHCP Client with DHCPACK messages. And in the DHCP Client side, an Android APP lication based on Tcpdump is developed. This APP lication can capture packages sended to the Android client, and save the captured packeages into a PCAP file, which is stored in the SD card of the smart phone. Also, it can parse the PCAP file with JPCAP, and get the MAC address of gateway from DHCP message, then record them into ARP-Cache of the smart phone statically. In this way, attackers will not modify the ARP-Cache of the smart phone optionally, and the SSLStrip MITM attacks can be prevented thoroughly in a mobile network environment. |
PDF Full Text Request